From fbb03be0d0993fca24b904fc6e69c2ac5746a8d6 Mon Sep 17 00:00:00 2001 
From: Chris Long Date: Wed, 5 May 2021 21:40:48 -0700 Subject: [PATCH 1/4] Move Exchange to AddOns Folder --- .gitignore | 1 + Addons/Exchange/Azure/Ansible/ansible.cfg | 3 + Addons/Exchange/Azure/Ansible/exchange.yml | 6 ++ .../Exchange/Azure/Ansible/group_vars/all.yml | 1 + Addons/Exchange/Azure/Ansible/roles/common | 1 + .../Ansible/roles/exchange/tasks/main.yml | 4 +- Addons/Exchange/Azure/Terraform/locals.tf | 3 + Addons/Exchange/Azure/Terraform/main.tf | 81 ++++++++++++++++++ Addons/Exchange/Azure/Terraform/outputs.tf | 7 ++ Addons/Exchange/ESXi/Ansible/ansible.cfg | 2 + Addons/Exchange/ESXi/Ansible/exchange.yml | 6 ++ .../Exchange/ESXi/Ansible/group_vars/all.yml | 1 + Addons/Exchange/ESXi/Ansible/roles/common | 1 + .../Ansible}/roles/exchange/tasks/main.yml | 0 Addons/Exchange/ESXi/Terraform/main.tf | 40 +++++++++ Addons/Exchange/ESXi/Terraform/outputs.tf | 7 ++ Addons/Exchange/ESXi/Terraform/variables.tf | 1 + Addons/Exchange/ESXi/Terraform/versions.tf | 9 ++ Addons/Exchange/Vagrant/Vagrantfile | 59 +++++++++++++ Addons/Exchange/Vagrant/resources | 1 + Addons/Exchange/Vagrant/scripts | 1 + Azure/Ansible/inventory.yml | 5 -- Azure/Terraform/locals.tf | 1 - Azure/Terraform/main.tf | 85 ------------------- Azure/Terraform/outputs.tf | 8 -- Azure/Terraform/variables.tf | 6 -- Azure/build_ansible_inventory.sh | 8 -- ESXi/ansible/detectionlab.yml | 6 +- ESXi/ansible/inventory.yml | 6 +- ESXi/main.tf | 30 ------- ESXi/outputs.tf | 8 -- ESXi/variables.tf | 6 -- Vagrant/Vagrantfile | 63 -------------- Vagrant/scripts/install-exchange.ps1 | 4 - 34 files changed, 237 insertions(+), 234 deletions(-) create mode 100644 Addons/Exchange/Azure/Ansible/ansible.cfg create mode 100644 Addons/Exchange/Azure/Ansible/exchange.yml create mode 120000 Addons/Exchange/Azure/Ansible/group_vars/all.yml create mode 120000 Addons/Exchange/Azure/Ansible/roles/common rename {Azure => Addons/Exchange/Azure}/Ansible/roles/exchange/tasks/main.yml (97%) create mode 100644 
Addons/Exchange/Azure/Terraform/locals.tf create mode 100644 Addons/Exchange/Azure/Terraform/main.tf create mode 100644 Addons/Exchange/Azure/Terraform/outputs.tf create mode 100644 Addons/Exchange/ESXi/Ansible/ansible.cfg create mode 100644 Addons/Exchange/ESXi/Ansible/exchange.yml create mode 120000 Addons/Exchange/ESXi/Ansible/group_vars/all.yml create mode 120000 Addons/Exchange/ESXi/Ansible/roles/common rename {ESXi/ansible => Addons/Exchange/ESXi/Ansible}/roles/exchange/tasks/main.yml (100%) create mode 100644 Addons/Exchange/ESXi/Terraform/main.tf create mode 100644 Addons/Exchange/ESXi/Terraform/outputs.tf create mode 120000 Addons/Exchange/ESXi/Terraform/variables.tf create mode 100644 Addons/Exchange/ESXi/Terraform/versions.tf create mode 100644 Addons/Exchange/Vagrant/Vagrantfile create mode 120000 Addons/Exchange/Vagrant/resources create mode 120000 Addons/Exchange/Vagrant/scripts diff --git a/.gitignore b/.gitignore index 9ee2540..b3342ae 100755 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ Boxes/* *.tfvars inventory.yml inventory.yml.bak +**/inventory.yml *.box manifest.xml HyperV/.vagrant/* diff --git a/Addons/Exchange/Azure/Ansible/ansible.cfg b/Addons/Exchange/Azure/Ansible/ansible.cfg new file mode 100644 index 0000000..bcbfb98 --- /dev/null +++ b/Addons/Exchange/Azure/Ansible/ansible.cfg @@ -0,0 +1,3 @@ +[defaults] +inventory = inventory.yml +host_key_checking = False diff --git a/Addons/Exchange/Azure/Ansible/exchange.yml b/Addons/Exchange/Azure/Ansible/exchange.yml new file mode 100644 index 0000000..18afd15 --- /dev/null +++ b/Addons/Exchange/Azure/Ansible/exchange.yml @@ -0,0 +1,6 @@ +--- +- hosts: exchange + roles: + - exchange + - common + tags: exchange diff --git a/Addons/Exchange/Azure/Ansible/group_vars/all.yml b/Addons/Exchange/Azure/Ansible/group_vars/all.yml new file mode 120000 index 0000000..881d25b --- /dev/null +++ b/Addons/Exchange/Azure/Ansible/group_vars/all.yml 
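Review bot: The added `**/inventory.yml` line in `.gitignore` is redundant, because the existing slash-less `inventory.yml` pattern already matches at every depth, and neither pattern covers the inventories that matter here. `Azure/Ansible/inventory.yml` and `ESXi/ansible/inventory.yml` are tracked files (this same patch edits both, and the ESXi one carried a concrete host address next to `ansible_password`), and ignore rules do not apply to tracked paths. Consider committing an `inventory.yml.example` holding the placeholders and generating the ignored `inventory.yml` from it, or marking the tracked copies with `git update-index --skip-worktree`.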
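Review bot: `host_key_checking = False` in the new Azure `ansible.cfg` turns off SSH host-key verification for every host this config is ever used against, yet the only play shipped beside it targets the `exchange` group, a Windows host that is presumably reached over WinRM (the connection settings live in the symlinked `group_vars/all.yml`, which is not shown here). If no SSH host is managed from this directory the line can be dropped, as the ESXi variant of the same file already does. If one is, prefer leaving checking on and pre-seeding `known_hosts`, or at least add a comment such as `# lab only: SSH host keys are not verified`.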
@@ -0,0 +1 @@ +../../../../Azure/Ansible/group_vars/all.yml \ No newline at end of file diff --git a/Addons/Exchange/Azure/Ansible/roles/common b/Addons/Exchange/Azure/Ansible/roles/common new file mode 120000 index 0000000..76017e7 --- /dev/null +++ b/Addons/Exchange/Azure/Ansible/roles/common @@ -0,0 +1 @@ +../../../../../Azure/Ansible/roles/common \ No newline at end of file diff --git a/Azure/Ansible/roles/exchange/tasks/main.yml b/Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml similarity index 97% rename from Azure/Ansible/roles/exchange/tasks/main.yml rename to Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml index 60cb418..fdc0c42 100644 --- a/Azure/Ansible/roles/exchange/tasks/main.yml +++ b/Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml @@ -53,12 +53,14 @@ post_reboot_delay: 60 - name: Install Exchange Prereqs - win_shell: .\\install-exchange.ps1 + win_command: powershell.exe .\\install-exchange.ps1 args: chdir: 'c:\vagrant\scripts' register: exchange_prereqs changed_when: "'A reboot is required to continue installation of exchange.' in exchange_prereqs.stdout" +- debug: msg="{{ exchange_prereqs.stdout_lines }}" + - name: Reboot After Installing Exchange PreReqs win_reboot: msg: "Exchange Prereqs installed. Rebooting..." diff --git a/Addons/Exchange/Azure/Terraform/locals.tf b/Addons/Exchange/Azure/Terraform/locals.tf new file mode 100644 index 0000000..7344959 --- /dev/null +++ b/Addons/Exchange/Azure/Terraform/locals.tf @@ -0,0 +1,3 @@ +locals { + exchange_url = "https://${azurerm_public_ip.exchange-publicip.ip_address}" +} diff --git a/Addons/Exchange/Azure/Terraform/main.tf b/Addons/Exchange/Azure/Terraform/main.tf new file mode 100644 index 0000000..6e5a764 --- /dev/null +++ b/Addons/Exchange/Azure/Terraform/main.tf 
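Review bot: The new `win_command: powershell.exe .\\install-exchange.ps1` in the `Install Exchange Prereqs` task passes the script as a bare command string, so a prompt inside the script would hang the play instead of failing it; `win_command: powershell.exe -NonInteractive -File .\\install-exchange.ps1` makes the unattended intent explicit. The added `debug` task has no `name:` and prints the whole installer output on every run; give it a name and consider `verbosity: 1` so the output only appears with `-v`. The reboot task that follows continues outside the hunk.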
@@ -0,0 +1,81 @@
+resource "azurerm_virtual_machine" "exchange" {
+ name = "exchange.windomain.local"
+ location = var.region
+ resource_group_name = azurerm_resource_group.detectionlab.name
+ network_interface_ids = [azurerm_network_interface.exchange-nic[count.index].id]
+ vm_size = "Standard_D3_v2"
+
+ delete_os_disk_on_termination = true
+
+ storage_image_reference {
+ publisher = "MicrosoftWindowsServer"
+ offer = "WindowsServer"
+ sku = "2016-Datacenter"
+ version = "latest"
+ }
+
+ os_profile {
+ computer_name = "exchange"
+ admin_username = "vagrant"
+ admin_password = "Vagrant123"
+ custom_data = local.custom_data_content
+ }
+
+ os_profile_windows_config {
+ provision_vm_agent = true
+ enable_automatic_upgrades = false
+
+ # Auto-Login's required to configure WinRM
+ additional_unattend_config {
+ pass = "oobeSystem"
+ component = "Microsoft-Windows-Shell-Setup"
+ setting_name = "AutoLogon"
+ content = "Vagrant123true1vagrant"
+ }
+
+ # Unattend config is to enable basic auth in WinRM, required for the provisioner stage.
+ # https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/examples/virtual-machines/provisioners/windows/files/FirstLogonCommands.xml
+ additional_unattend_config {
+ pass = "oobeSystem"
+ component = "Microsoft-Windows-Shell-Setup"
+ setting_name = "FirstLogonCommands"
+ content = file("${path.module}/files/FirstLogonCommands.xml")
+ }
+ }
+
+ storage_os_disk {
+ name = "OsDiskExchange"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ }
+
+ tags = {
+ role = "exchange"
+ }
+}
+
+resource "azurerm_network_interface" "exchange-nic" {
+ name = "exchange-nic"
+ location = var.region
+ resource_group_name = azurerm_resource_group.detectionlab.name
+
+ ip_configuration {
+ name = "myNicConfiguration"
+ subnet_id = azurerm_subnet.detectionlab-subnet.id
+ private_ip_address_allocation = "Static"
+ private_ip_address = "192.168.38.106"
+ public_ip_address_id = azurerm_public_ip.exchange-publicip[count.index].id
+ }
+}
+
+resource "azurerm_public_ip" "exchange-publicip" {
+ name = "exchange-public-ip"
+ location = var.region
+ resource_group_name = azurerm_resource_group.detectionlab.name
+ allocation_method = "Static"
+
+ tags = {
+ role = "exchange"
+ }
+}
diff --git a/Addons/Exchange/Azure/Terraform/outputs.tf b/Addons/Exchange/Azure/Terraform/outputs.tf
new file mode 100644
index 0000000..b26c367
--- /dev/null
+++ b/Addons/Exchange/Azure/Terraform/outputs.tf
@@ -0,0 +1,7 @@
+output "exchange_public_ip" {
+ value = azurerm_public_ip.exchange-publicip
+}
+
+output "exchange_url" {
+ value = local.exchange_url
+}
diff --git a/Addons/Exchange/ESXi/Ansible/ansible.cfg b/Addons/Exchange/ESXi/Ansible/ansible.cfg
new file mode 100644
index 0000000..d601d7e
--- /dev/null
+++ b/Addons/Exchange/ESXi/Ansible/ansible.cfg
@@ -0,0 +1,2 @@
+[defaults]
+inventory = inventory.yml
diff --git a/Addons/Exchange/ESXi/Ansible/exchange.yml b/Addons/Exchange/ESXi/Ansible/exchange.yml
new file mode 100644
index 0000000..18afd15
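Review bot: `azurerm_network_interface.exchange-nic[count.index].id` in the `exchange` VM and `azurerm_public_ip.exchange-publicip[count.index].id` in the NIC still use `count.index`, but the `count = var.create_exchange_server ? 1 : 0` lines were dropped when these resources were copied out of `Azure/Terraform/main.tf`, so Terraform will reject both references; the new `locals.tf` already uses the unindexed form. Change them to `azurerm_network_interface.exchange-nic.id` and `azurerm_public_ip.exchange-publicip.id`. Separately, the VM keeps the literal `admin_password = "Vagrant123"` while receiving a static public IP and WinRM basic auth, and no security group is attached in this file; whether the subnet's rules limit source addresses is not visible here, so either say so in a comment or take the password from a variable marked `sensitive = true`.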
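Review bot: `exchange_public_ip` in the new `outputs.tf` exports the whole `azurerm_public_ip.exchange-publicip` object rather than the address, unlike the `win10_public_ip` output in `Azure/Terraform/outputs.tf`, which returns `.ip_address`. Anything that parses `terraform output` for an `exchange_public_ip = a.b.c.d` line, the way `build_ansible_inventory.sh` does for the other hosts, will not find one. Use `value = azurerm_public_ip.exchange-publicip.ip_address`.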
--- /dev/null
+++ b/Addons/Exchange/ESXi/Ansible/exchange.yml
@@ -0,0 +1,6 @@
+---
+- hosts: exchange
+ roles:
+ - exchange
+ - common
+ tags: exchange
diff --git a/Addons/Exchange/ESXi/Ansible/group_vars/all.yml b/Addons/Exchange/ESXi/Ansible/group_vars/all.yml
new file mode 120000
index 0000000..52b2c39
--- /dev/null
+++ b/Addons/Exchange/ESXi/Ansible/group_vars/all.yml
@@ -0,0 +1 @@
+../../../../../ESXi/Ansible/group_vars/all.yml
\ No newline at end of file
diff --git a/Addons/Exchange/ESXi/Ansible/roles/common b/Addons/Exchange/ESXi/Ansible/roles/common
new file mode 120000
index 0000000..6b58ef8
--- /dev/null
+++ b/Addons/Exchange/ESXi/Ansible/roles/common
@@ -0,0 +1 @@
+../../../../../ESXi/Ansible/roles/common
\ No newline at end of file
diff --git a/ESXi/ansible/roles/exchange/tasks/main.yml b/Addons/Exchange/ESXi/Ansible/roles/exchange/tasks/main.yml
similarity index 100%
rename from ESXi/ansible/roles/exchange/tasks/main.yml
rename to Addons/Exchange/ESXi/Ansible/roles/exchange/tasks/main.yml
diff --git a/Addons/Exchange/ESXi/Terraform/main.tf b/Addons/Exchange/ESXi/Terraform/main.tf
new file mode 100644
index 0000000..3f80f22
--- /dev/null
+++ b/Addons/Exchange/ESXi/Terraform/main.tf
@@ -0,0 +1,40 @@
+#########################################
+# ESXI Provider host/login details
+#########################################
+#
+# Use of variables here to hide/move the variables to a separate file
+#
+provider "esxi" {
+ esxi_hostname = var.esxi_hostname
+ esxi_hostport = var.esxi_hostport
+ esxi_username = var.esxi_username
+ esxi_password = var.esxi_password
+}
+
+resource "esxi_guest" "exchange" {
+ guest_name = "exchange"
+ disk_store = var.esxi_datastore
+ guestos = "windows9srv-64"
+
+ boot_disk_type = "thin"
+
+ memsize = "8192"
+ numvcpus = "4"
+ resource_pool_name = "/"
+ power = "on"
+ clone_from_vm = "WindowsServer2016"
+ # This is the network that bridges your host machine with the ESXi VM
+ network_interfaces {
+ virtual_network = var.vm_network
+ mac_address = "00:50:56:a1:b2:c5"
+ nic_type = "e1000"
+ }
+ # This is the local network that will be used for 192.168.38.x addressing
+ network_interfaces {
+ virtual_network = var.hostonly_network
+ mac_address = "00:50:56:a1:b4:c5"
+ nic_type = "e1000"
+ }
+ guest_startup_timeout = 45
+ guest_shutdown_timeout = 30
+}
diff --git a/Addons/Exchange/ESXi/Terraform/outputs.tf b/Addons/Exchange/ESXi/Terraform/outputs.tf
new file mode 100644
index 0000000..9e04979
--- /dev/null
+++ b/Addons/Exchange/ESXi/Terraform/outputs.tf
@@ -0,0 +1,7 @@
+output "exchange_interfaces" {
+ value = esxi_guest.exchange.network_interfaces
+}
+
+output "exchange_ips" {
+ value = esxi_guest.exchange.ip_address
+}
diff --git a/Addons/Exchange/ESXi/Terraform/variables.tf b/Addons/Exchange/ESXi/Terraform/variables.tf
new file mode 120000
index 0000000..0ff79dd
--- /dev/null
+++ b/Addons/Exchange/ESXi/Terraform/variables.tf
@@ -0,0 +1 @@
+../../../../ESXi/variables.tf
\ No newline at end of file
diff --git a/Addons/Exchange/ESXi/Terraform/versions.tf b/Addons/Exchange/ESXi/Terraform/versions.tf
new file mode 100644
index 0000000..7d8294c
--- /dev/null
+++ b/Addons/Exchange/ESXi/Terraform/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 0.13"
+ required_providers {
+ esxi = {
+ source = "josenk/esxi"
+ version = "1.8.0"
+ }
+ }
+}
diff --git a/Addons/Exchange/Vagrant/Vagrantfile b/Addons/Exchange/Vagrant/Vagrantfile
new file mode 100644
index 0000000..4bf5568
--- /dev/null
+++ b/Addons/Exchange/Vagrant/Vagrantfile
@@ -0,0 +1,59 @@ + config.vm.define "exchange" do |cfg| + cfg.vm.box = "detectionlab/win2016" + cfg.vm.hostname = "exchange" + cfg.vm.boot_timeout = 600 + cfg.vm.communicator = "winrm" + cfg.winrm.basic_auth_only = true + cfg.winrm.timeout = 300 + cfg.winrm.retry_limit = 20 + cfg.vm.network :private_network, ip: "192.168.38.106", gateway: "192.168.38.1", dns: "192.168.38.102" + + cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1" + cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false + cfg.vm.provision "reload" + cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false + cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false + cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false + cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false + cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false + cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false + + cfg.vm.provider "vmware_desktop" do |v, override| + v.vmx["displayname"] = "exchange.windomain.local" + v.memory = 8192 + v.cpus = 4 + 
v.gui = true + v.enable_vmrun_ip_lookup = false + end + + cfg.vm.provider "virtualbox" do |vb, override| + vb.gui = true + vb.name = "exchange.windomain.local" + vb.default_nic_type = "82545EM" + vb.customize ["modifyvm", :id, "--memory", 8192] + vb.customize ["modifyvm", :id, "--cpus", 4] + vb.customize ["modifyvm", :id, "--vram", "32"] + vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"] + vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] + vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ] + end + + cfg.vm.provider "libvirt" do |lv, override| + lv.graphics_type = "spice" + lv.video_type = "qxl" + lv.input :type => "tablet", :bus => "usb" + override.vm.box = "../Boxes/windows_2016_libvirt.box" + lv.video_vram = 32768 + lv.memory = 8192 + lv.cpus = 4 + override.vm.synced_folder '.', '/', type: 'winrm' + end + end + end diff --git a/Addons/Exchange/Vagrant/resources b/Addons/Exchange/Vagrant/resources new file mode 120000 index 0000000..ebd8c69 --- /dev/null +++ b/Addons/Exchange/Vagrant/resources @@ -0,0 +1 @@ +../../../Vagrant/resources \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/scripts b/Addons/Exchange/Vagrant/scripts new file mode 120000 index 0000000..7dc000e --- /dev/null +++ b/Addons/Exchange/Vagrant/scripts @@ -0,0 +1 @@ +../../../Vagrant/scripts \ No newline at end of file diff --git a/Azure/Ansible/inventory.yml b/Azure/Ansible/inventory.yml index 9c70bf1..b604553 100644 --- a/Azure/Ansible/inventory.yml +++ b/Azure/Ansible/inventory.yml @@ -11,8 +11,3 @@ wef: win10: hosts: z.z.z.z: - -#exchange: -# hosts: -# w.w.w.w: - diff --git a/Azure/Terraform/locals.tf b/Azure/Terraform/locals.tf index 597dff9..d6b5ebc 100644 --- a/Azure/Terraform/locals.tf +++ b/Azure/Terraform/locals.tf 
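Review bot: The new `Addons/Exchange/Vagrant/Vagrantfile` opens directly with `config.vm.define "exchange" do |cfg|` and closes with two `end` lines, so `config` is never defined and the final `end` has no opener (in `Vagrant/Vagrantfile` it closed `if build_exchange`); Vagrant cannot load the file as written. Put `Vagrant.configure("2") do |config|` on the first line and let the last `end` close it. Carried over unchanged from the old block, the private network sets `dns: "192.168.38.102"` while `fix-second-network.ps1` is given `-dns 8.8.8.8`; if the host is meant to resolve the lab domain, a comment explaining which value wins would help.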
@@ -4,5 +4,4 @@ locals { ata_url = "https://${azurerm_public_ip.wef-publicip.ip_address}" guacamole_url = "http://${azurerm_public_ip.logger-publicip.ip_address}:8080/guacamole" velociraptor_url = "https://${azurerm_public_ip.logger-publicip.ip_address}:9999" - exchange_url = "https://${var.create_exchange_server ? azurerm_public_ip.exchange-publicip[0].ip_address : ""}" } diff --git a/Azure/Terraform/main.tf b/Azure/Terraform/main.tf index 09e72ad..a83e1eb 100644 --- a/Azure/Terraform/main.tf +++ b/Azure/Terraform/main.tf @@ -366,33 +366,6 @@ resource "azurerm_public_ip" "win10-publicip" { } } -resource "azurerm_network_interface" "exchange-nic" { - count = var.create_exchange_server ? 1 : 0 - name = "exchange-nic" - location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name - - ip_configuration { - name = "myNicConfiguration" - subnet_id = azurerm_subnet.detectionlab-subnet.id - private_ip_address_allocation = "Static" - private_ip_address = "192.168.38.106" - public_ip_address_id = azurerm_public_ip.exchange-publicip[count.index].id - } -} - -resource "azurerm_public_ip" "exchange-publicip" { - count = var.create_exchange_server ? 1 : 0 - name = "exchange-public-ip" - location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name - allocation_method = "Static" - - tags = { - role = "exchange" - } -} - resource "azurerm_virtual_machine" "dc" { name = "dc.windomain.local" location = var.region 
@@ -506,64 +479,6 @@ resource "azurerm_virtual_machine" "wef" { } } -resource "azurerm_virtual_machine" "exchange" { - count = var.create_exchange_server ? 1 : 0 - name = "exchange.windomain.local" - location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name - network_interface_ids = [azurerm_network_interface.exchange-nic[count.index].id] - vm_size = "Standard_D3_v2" - - delete_os_disk_on_termination = true - - storage_image_reference { - publisher = "MicrosoftWindowsServer" - offer = "WindowsServer" - sku = "2016-Datacenter" - version = "latest" - } - - os_profile { - computer_name = "exchange" - admin_username = "vagrant" - admin_password = "Vagrant123" - custom_data = local.custom_data_content - } - - os_profile_windows_config { - provision_vm_agent = true - enable_automatic_upgrades = false - - # Auto-Login's required to configure WinRM - additional_unattend_config { - pass = "oobeSystem" - component = "Microsoft-Windows-Shell-Setup" - setting_name = "AutoLogon" - content = "Vagrant123true1vagrant" - } - - # Unattend config is to enable basic auth in WinRM, required for the provisioner stage. - # https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/examples/virtual-machines/provisioners/windows/files/FirstLogonCommands.xml - additional_unattend_config { - pass = "oobeSystem" - component = "Microsoft-Windows-Shell-Setup" - setting_name = "FirstLogonCommands" - content = file("${path.module}/files/FirstLogonCommands.xml") - } - } - - storage_os_disk { - name = "OsDiskExchange" - caching = "ReadWrite" - create_option = "FromImage" - managed_disk_type = "Standard_LRS" - } - - tags = { - role = "exchange" - } -} - resource "azurerm_virtual_machine" "win10" { name = "win10.windomain.local" location = var.region diff --git a/Azure/Terraform/outputs.tf b/Azure/Terraform/outputs.tf index 01c45b9..d7b5b38 100644 --- a/Azure/Terraform/outputs.tf +++ b/Azure/Terraform/outputs.tf 
@@ -18,10 +18,6 @@ output "win10_public_ip" { value = azurerm_public_ip.win10-publicip.ip_address } -output "exchange_public_ip" { - value = "${var.create_exchange_server ? azurerm_public_ip.exchange-publicip[0].ip_address : null}" -} - output "ata_url" { value = local.ata_url } @@ -41,7 +37,3 @@ output "guacamole_url" { output "velociraptor_url" { value = local.velociraptor_url } - -output "exchange_url" { - value = "${var.create_exchange_server ? local.exchange_url : null}" -} diff --git a/Azure/Terraform/variables.tf b/Azure/Terraform/variables.tf index b07dee0..9cdfe4d 100644 --- a/Azure/Terraform/variables.tf +++ b/Azure/Terraform/variables.tf @@ -39,10 +39,4 @@ variable "external_dns_servers" { description = "Configure lab to allow external DNS resolution" type = list(string) default = ["8.8.8.8"] -} - -variable "create_exchange_server" { - description = "If set to true, adds an additional host that installs exchange" - type = bool - default = false } \ No newline at end of file diff --git a/Azure/build_ansible_inventory.sh b/Azure/build_ansible_inventory.sh index 25ad6c8..516cdc6 100755 --- a/Azure/build_ansible_inventory.sh +++ b/Azure/build_ansible_inventory.sh @@ -23,10 +23,7 @@ TF_OUTPUT=$(terraform output) DC_IP=$(echo "$TF_OUTPUT" | grep -E -o "dc_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') WEF_IP=$(echo "$TF_OUTPUT" | grep -E -o "wef_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') -EXCHANGE_IP=$(echo "$TF_OUTPUT" | grep -E -o "exchange_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') WIN10_IP=$(echo "$TF_OUTPUT" | grep -E -o "win10_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') -# Code needs to be added for exchange - # Don't update unless there's default values in inventory.yml GREP_COUNT=$(grep -E -c 'x\.x\.x\.x|y\.y\.y\.y|z\.z\.z\.z' ../Ansible/inventory.yml) 
@@ -40,10 +37,5 @@ fi echo "Replacing the default values in DetectionLab/Azure/Ansible/inventory.yml..." sed -i.bak "s/x.x.x.x/$DC_IP/g; s/y.y.y.y/$WEF_IP/g; s/z.z.z.z/$WIN10_IP/g" ../Ansible/inventory.yml -if [ ! -z $EXCHANGE_IP ]; then - echo "Found Exchange IP address in Terraform output. Adding to inventory." - sed -i.bak "s/#exchange:/exchange:/g; s/# hosts:/ hosts:/g; s/# w.w.w.w/ $EXCHANGE_IP/g" ../Ansible/inventory.yml -fi - echo "Displaying the updated inventory.yml below!" cat ../Ansible/inventory.yml diff --git a/ESXi/ansible/detectionlab.yml b/ESXi/ansible/detectionlab.yml index 6146eaf..d41ffb5 100644 --- a/ESXi/ansible/detectionlab.yml +++ b/ESXi/ansible/detectionlab.yml @@ -22,8 +22,4 @@ - common tags: win10 -- hosts: exchange - roles: - - exchange - - common - tags: exchange + diff --git a/ESXi/ansible/inventory.yml b/ESXi/ansible/inventory.yml index 7d19e84..8b008ca 100644 --- a/ESXi/ansible/inventory.yml +++ b/ESXi/ansible/inventory.yml @@ -2,7 +2,7 @@ logger: hosts: - 192.168.3.205: + w.w.w.w: ansible_user: vagrant ansible_password: vagrant ansible_port: 22 @@ -21,6 +21,4 @@ win10: hosts: z.z.z.z: -#exchange: -# hosts: -# w.w.w.w: + diff --git a/ESXi/main.tf b/ESXi/main.tf index 60b2b55..215a93e 100644 --- a/ESXi/main.tf +++ b/ESXi/main.tf 
@@ -121,36 +121,6 @@ resource "esxi_guest" "wef" { guest_shutdown_timeout = 30 } -resource "esxi_guest" "exchange" { - # See https://blog.gruntwork.io/terraform-tips-tricks-loops-if-statements-and-gotchas-f739bbae55f9#0223 for explanation about count - count = var.create_exchange_server ? 1 : 0 - guest_name = "exchange" - disk_store = var.esxi_datastore - guestos = "windows9srv-64" - - boot_disk_type = "thin" - - memsize = "8192" - numvcpus = "4" - resource_pool_name = "/" - power = "on" - clone_from_vm = "WindowsServer2016" - # This is the network that bridges your host machine with the ESXi VM - network_interfaces { - virtual_network = var.vm_network - mac_address = "00:50:56:a1:b2:c5" - nic_type = "e1000" - } - # This is the local network that will be used for 192.168.38.x addressing - network_interfaces { - virtual_network = var.hostonly_network - mac_address = "00:50:56:a1:b4:c5" - nic_type = "e1000" - } - guest_startup_timeout = 45 - guest_shutdown_timeout = 30 -} - resource "esxi_guest" "win10" { guest_name = "win10" disk_store = var.esxi_datastore diff --git a/ESXi/outputs.tf b/ESXi/outputs.tf index 1bdf393..1ed51db 100644 --- a/ESXi/outputs.tf +++ b/ESXi/outputs.tf @@ -22,14 +22,6 @@ output "wef_ips" { value = esxi_guest.wef.ip_address } -output "exchange_interfaces" { - value = esxi_guest.exchange[0].network_interfaces -} - -output "exchange_ips" { - value = "${var.create_exchange_server ? esxi_guest.exchange[0].ip_address : null}" -} - output "win10_interfaces" { value = esxi_guest.win10.network_interfaces } diff --git a/ESXi/variables.tf b/ESXi/variables.tf index f4ad7c0..052bc07 100644 --- a/ESXi/variables.tf +++ b/ESXi/variables.tf @@ -30,9 +30,3 @@ variable "vm_network" { variable "hostonly_network" { default = "HostOnly Network" } - -variable "create_exchange_server" { - description = "If set to true, adds an additional host that installs exchange" - type = bool - default = false -} 
diff --git a/Vagrant/Vagrantfile b/Vagrant/Vagrantfile index d9bae33..d7d646b 100644 --- a/Vagrant/Vagrantfile +++ b/Vagrant/Vagrantfile @@ -1,5 +1,3 @@ -build_exchange = false - Vagrant.configure("2") do |config| config.vm.define "logger" do |cfg| 
@@ -182,67 +180,6 @@ Vagrant.configure("2") do |config| end end - if build_exchange - config.vm.define "exchange" do |cfg| - cfg.vm.box = "detectionlab/win2016" - cfg.vm.hostname = "exchange" - cfg.vm.boot_timeout = 600 - cfg.vm.communicator = "winrm" - cfg.winrm.basic_auth_only = true - cfg.winrm.timeout = 300 - cfg.winrm.retry_limit = 20 - cfg.vm.network :private_network, ip: "192.168.38.106", gateway: "192.168.38.1", dns: "192.168.38.102" - - cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1" - cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false - cfg.vm.provision "reload" - cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false - cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false - cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false - cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false - cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false - - cfg.vm.provider "vmware_desktop" do |v, override| - 
v.vmx["displayname"] = "exchange.windomain.local" - v.memory = 8192 - v.cpus = 4 - v.gui = true - v.enable_vmrun_ip_lookup = false - end - - cfg.vm.provider "virtualbox" do |vb, override| - vb.gui = true - vb.name = "exchange.windomain.local" - vb.default_nic_type = "82545EM" - vb.customize ["modifyvm", :id, "--memory", 8192] - vb.customize ["modifyvm", :id, "--cpus", 4] - vb.customize ["modifyvm", :id, "--vram", "32"] - vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"] - vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] - vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ] - end - - cfg.vm.provider "libvirt" do |lv, override| - lv.graphics_type = "spice" - lv.video_type = "qxl" - lv.input :type => "tablet", :bus => "usb" - override.vm.box = "../Boxes/windows_2016_libvirt.box" - lv.video_vram = 32768 - lv.memory = 8192 - lv.cpus = 4 - override.vm.synced_folder '.', '/', type: 'winrm' - end - end - end - config.vm.define "win10" do |cfg| cfg.vm.box = "detectionlab/win10" cfg.vm.hostname = "win10" diff --git a/Vagrant/scripts/install-exchange.ps1 b/Vagrant/scripts/install-exchange.ps1 index a61678d..5ca36fa 100644 --- a/Vagrant/scripts/install-exchange.ps1 +++ b/Vagrant/scripts/install-exchange.ps1 @@ -31,10 +31,6 @@ Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) [+] Failure to reboot will cause the # Warn the user if less than 8GB of memory If ($physicalMemory -lt 8000000000) { Write-Host "It is STRONGLY recommended that you provide this host with 8GB+ of memory before continuing or it is highly likely that it will run out of memory while installing Exchange." - $ignore = Read-Host "Type 'ignore' to continue anyways, otherwise this script will exit." - If ($ignore -ne "ignore") { - Write-Host "Exiting." - } } # Gotta temporarily re-enable these services From 8c8c7f760c16c720cd0334216849ae2a6477c287 Mon Sep 17 00:00:00 2001 
From: Chris Long Date: Wed, 5 May 2021 21:44:15 -0700 Subject: [PATCH 2/4] Bump terraform version for circleci --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 7adcae1..1b6b500 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -8,7 +8,7 @@ jobs: - run: name: Download and Install Terraform command: | - wget -O terraform.zip https://releases.hashicorp.com/terraform/0.12.2/terraform_0.12.2_linux_amd64.zip + wget -O terraform.zip https://releases.hashicorp.com/terraform/0.13.5/terraform_0.13.5_linux_amd64.zip unzip terraform.zip sudo mv terraform /usr/local/bin/terraform From bb41499a270e51792dfaa166709cc37dde688694 Mon Sep 17 00:00:00 2001 
From: Chris Long Date: Sat, 8 May 2021 15:13:05 -0700 Subject: [PATCH 3/4] Convert Exchange to a Terraform module --- .gitignore | 5 ++- Addons/Exchange/Azure/Ansible/ansible.cfg | 3 -- Addons/Exchange/Azure/Ansible/exchange.yml | 6 --- .../Exchange/Azure/Ansible/group_vars/all.yml | 1 - Addons/Exchange/Azure/Ansible/roles/common | 1 - Addons/Exchange/ESXi/Ansible/ansible.cfg | 2 - Addons/Exchange/ESXi/Ansible/exchange.yml | 6 --- .../Exchange/ESXi/Ansible/group_vars/all.yml | 1 - Addons/Exchange/ESXi/Ansible/roles/common | 1 - Addons/Exchange/ESXi/Terraform/main.tf | 40 ------------------- Addons/Exchange/ESXi/Terraform/variables.tf | 1 - Addons/Exchange/Vagrant/resources | 1 - Addons/Exchange/Vagrant/scripts | 1 - Azure/Ansible/inventory.yml | 4 ++ .../Ansible/roles/exchange/tasks/main.yml | 0 Azure/Terraform/exchange.tf | 10 +++++ .../Terraform/modules/exchange}/locals.tf | 0 .../Terraform/modules/exchange}/main.tf | 19 +++++---- .../Terraform/modules/exchange}/outputs.tf | 0 Azure/Terraform/modules/exchange/variables.tf | 11 +++++ Azure/build_ansible_inventory.sh | 6 +++ ESXi/ansible/detectionlab.yml | 6 +++ .../ansible}/roles/exchange/tasks/main.yml | 0 ESXi/exchange.tf | 9 +++++ .../modules/exchange/main.tf | 28 +++++++++++++ .../modules/exchange}/outputs.tf | 0 ESXi/modules/exchange/variables.tf | 11 +++++ .../Vagrant => Vagrant/Exchange}/Vagrantfile | 24 +++++------ 28 files changed, 112 insertions(+), 85 deletions(-) delete mode 100644 Addons/Exchange/Azure/Ansible/ansible.cfg delete mode 100644 Addons/Exchange/Azure/Ansible/exchange.yml delete mode 120000 Addons/Exchange/Azure/Ansible/group_vars/all.yml delete mode 120000 Addons/Exchange/Azure/Ansible/roles/common delete mode 100644 Addons/Exchange/ESXi/Ansible/ansible.cfg delete mode 100644 Addons/Exchange/ESXi/Ansible/exchange.yml delete mode 120000 Addons/Exchange/ESXi/Ansible/group_vars/all.yml delete mode 120000 Addons/Exchange/ESXi/Ansible/roles/common delete mode 100644 
Addons/Exchange/ESXi/Terraform/main.tf delete mode 120000 Addons/Exchange/ESXi/Terraform/variables.tf delete mode 120000 Addons/Exchange/Vagrant/resources delete mode 120000 Addons/Exchange/Vagrant/scripts rename {Addons/Exchange/Azure => Azure}/Ansible/roles/exchange/tasks/main.yml (100%) create mode 100644 Azure/Terraform/exchange.tf rename {Addons/Exchange/Azure/Terraform => Azure/Terraform/modules/exchange}/locals.tf (100%) rename {Addons/Exchange/Azure/Terraform => Azure/Terraform/modules/exchange}/main.tf (78%) rename {Addons/Exchange/Azure/Terraform => Azure/Terraform/modules/exchange}/outputs.tf (100%) create mode 100644 Azure/Terraform/modules/exchange/variables.tf rename {Addons/Exchange/ESXi/Ansible => ESXi/ansible}/roles/exchange/tasks/main.yml (100%) create mode 100644 ESXi/exchange.tf rename Addons/Exchange/ESXi/Terraform/versions.tf => ESXi/modules/exchange/main.tf (58%) rename {Addons/Exchange/ESXi/Terraform => ESXi/modules/exchange}/outputs.tf (100%) create mode 100644 ESXi/modules/exchange/variables.tf rename {Addons/Exchange/Vagrant => Vagrant/Exchange}/Vagrantfile (63%) diff --git a/.gitignore b/.gitignore index b3342ae..a83f478 100755 --- a/.gitignore +++ b/.gitignore @@ -8,9 +8,10 @@ Boxes/* *.tfstate *.tfstate.* *.tfvars -inventory.yml +ESXi/Ansible/inventory.yml +Azure/Ansible/inventory.yml inventory.yml.bak -**/inventory.yml +inventory.yml *.box manifest.xml HyperV/.vagrant/* diff --git a/Addons/Exchange/Azure/Ansible/ansible.cfg b/Addons/Exchange/Azure/Ansible/ansible.cfg deleted file mode 100644 index bcbfb98..0000000 --- a/Addons/Exchange/Azure/Ansible/ansible.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[defaults] -inventory = inventory.yml -host_key_checking = False diff --git a/Addons/Exchange/Azure/Ansible/exchange.yml b/Addons/Exchange/Azure/Ansible/exchange.yml deleted file mode 100644 index 18afd15..0000000 --- a/Addons/Exchange/Azure/Ansible/exchange.yml +++ /dev/null 
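Review bot: The added `ESXi/Ansible/inventory.yml` entry does not match the directory as it is spelled elsewhere in this series (`ESXi/ansible/inventory.yml`) on a case-sensitive filesystem. It is harmless only because the bare `inventory.yml` pattern re-added two lines below still matches every inventory, which also makes both path-specific entries redundant. Either keep just `inventory.yml`, or keep only the two explicit paths and use the lowercase spelling, `ESXi/ansible/inventory.yml`.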
@@ -1,6 +0,0 @@ ---- -- hosts: exchange - roles: - - exchange - - common - tags: exchange diff --git a/Addons/Exchange/Azure/Ansible/group_vars/all.yml b/Addons/Exchange/Azure/Ansible/group_vars/all.yml deleted file mode 120000 index 881d25b..0000000 --- a/Addons/Exchange/Azure/Ansible/group_vars/all.yml +++ /dev/null @@ -1 +0,0 @@ -../../../../Azure/Ansible/group_vars/all.yml \ No newline at end of file diff --git a/Addons/Exchange/Azure/Ansible/roles/common b/Addons/Exchange/Azure/Ansible/roles/common deleted file mode 120000 index 76017e7..0000000 --- a/Addons/Exchange/Azure/Ansible/roles/common +++ /dev/null @@ -1 +0,0 @@ -../../../../../Azure/Ansible/roles/common \ No newline at end of file diff --git a/Addons/Exchange/ESXi/Ansible/ansible.cfg b/Addons/Exchange/ESXi/Ansible/ansible.cfg deleted file mode 100644 index d601d7e..0000000 --- a/Addons/Exchange/ESXi/Ansible/ansible.cfg +++ /dev/null @@ -1,2 +0,0 @@ -[defaults] -inventory = inventory.yml diff --git a/Addons/Exchange/ESXi/Ansible/exchange.yml b/Addons/Exchange/ESXi/Ansible/exchange.yml deleted file mode 100644 index 18afd15..0000000 --- a/Addons/Exchange/ESXi/Ansible/exchange.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- hosts: exchange - roles: - - exchange - - common - tags: exchange diff --git a/Addons/Exchange/ESXi/Ansible/group_vars/all.yml b/Addons/Exchange/ESXi/Ansible/group_vars/all.yml deleted file mode 120000 index 52b2c39..0000000 --- a/Addons/Exchange/ESXi/Ansible/group_vars/all.yml +++ /dev/null @@ -1 +0,0 @@ -../../../../../ESXi/Ansible/group_vars/all.yml \ No newline at end of file diff --git a/Addons/Exchange/ESXi/Ansible/roles/common b/Addons/Exchange/ESXi/Ansible/roles/common deleted file mode 120000 index 6b58ef8..0000000 --- a/Addons/Exchange/ESXi/Ansible/roles/common +++ /dev/null @@ -1 +0,0 @@ -../../../../../ESXi/Ansible/roles/common \ No newline at end of file 
diff --git a/Addons/Exchange/ESXi/Terraform/main.tf b/Addons/Exchange/ESXi/Terraform/main.tf deleted file mode 100644 index 3f80f22..0000000 --- a/Addons/Exchange/ESXi/Terraform/main.tf +++ /dev/null @@ -1,40 +0,0 @@ -######################################### -# ESXI Provider host/login details -######################################### -# -# Use of variables here to hide/move the variables to a separate file -# -provider "esxi" { - esxi_hostname = var.esxi_hostname - esxi_hostport = var.esxi_hostport - esxi_username = var.esxi_username - esxi_password = var.esxi_password -} - -resource "esxi_guest" "exchange" { - guest_name = "exchange" - disk_store = var.esxi_datastore - guestos = "windows9srv-64" - - boot_disk_type = "thin" - - memsize = "8192" - numvcpus = "4" - resource_pool_name = "/" - power = "on" - clone_from_vm = "WindowsServer2016" - # This is the network that bridges your host machine with the ESXi VM - network_interfaces { - virtual_network = var.vm_network - mac_address = "00:50:56:a1:b2:c5" - nic_type = "e1000" - } - # This is the local network that will be used for 192.168.38.x addressing - network_interfaces { - virtual_network = var.hostonly_network - mac_address = "00:50:56:a1:b4:c5" - nic_type = "e1000" - } - guest_startup_timeout = 45 - guest_shutdown_timeout = 30 -} diff --git a/Addons/Exchange/ESXi/Terraform/variables.tf b/Addons/Exchange/ESXi/Terraform/variables.tf deleted file mode 120000 index 0ff79dd..0000000 --- a/Addons/Exchange/ESXi/Terraform/variables.tf +++ /dev/null @@ -1 +0,0 @@ -../../../../ESXi/variables.tf \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/resources b/Addons/Exchange/Vagrant/resources deleted file mode 120000 index ebd8c69..0000000 --- a/Addons/Exchange/Vagrant/resources +++ /dev/null @@ -1 +0,0 @@ -../../../Vagrant/resources \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/scripts b/Addons/Exchange/Vagrant/scripts deleted file mode 120000 index 7dc000e..0000000 
--- a/Addons/Exchange/Vagrant/scripts +++ /dev/null @@ -1 +0,0 @@ -../../../Vagrant/scripts \ No newline at end of file diff --git a/Azure/Ansible/inventory.yml b/Azure/Ansible/inventory.yml index b604553..c0ee6c6 100644 --- a/Azure/Ansible/inventory.yml +++ b/Azure/Ansible/inventory.yml @@ -11,3 +11,7 @@ wef: win10: hosts: z.z.z.z: + +exchange: + hosts: + # v.v.v.v: diff --git a/Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml b/Azure/Ansible/roles/exchange/tasks/main.yml similarity index 100% rename from Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml rename to Azure/Ansible/roles/exchange/tasks/main.yml diff --git a/Azure/Terraform/exchange.tf b/Azure/Terraform/exchange.tf new file mode 100644 index 0000000..2f82d47 --- /dev/null +++ b/Azure/Terraform/exchange.tf @@ -0,0 +1,10 @@ +## Remove the block comment to enable the creation of the Exchange server +/* +module "exchange" { + source = "./modules/exchange" + resource_group_name = azurerm_resource_group.detectionlab.name + region = var.region + subnet_id = azurerm_subnet.detectionlab-subnet.id +} +*/ + diff --git a/Addons/Exchange/Azure/Terraform/locals.tf b/Azure/Terraform/modules/exchange/locals.tf similarity index 100% rename from Addons/Exchange/Azure/Terraform/locals.tf rename to Azure/Terraform/modules/exchange/locals.tf diff --git a/Addons/Exchange/Azure/Terraform/main.tf b/Azure/Terraform/modules/exchange/main.tf similarity index 78% rename from Addons/Exchange/Azure/Terraform/main.tf rename to Azure/Terraform/modules/exchange/main.tf index 6e5a764..84d3164 100644 --- a/Addons/Exchange/Azure/Terraform/main.tf +++ b/Azure/Terraform/modules/exchange/main.tf 
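Review bot: Azure/Terraform/exchange.tf calls the new module but does not re-export its outputs, so they are no longer visible at the root. `terraform output` lists root-module outputs only, yet build_ansible_inventory.sh in this patch greps it for `exchange_public_ip = `, so EXCHANGE_IP will be empty unless a root output is declared somewhere not shown here. Inside the commented block, next to the module call, add `output "exchange_public_ip" { value = module.exchange.exchange_public_ip }`. The module-side output name is assumed, because outputs.tf is moved without its content being shown. ESXi/exchange.tf has the same shape and may need the same addition.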
@@ -1,8 +1,13 @@ +# https://github.com/terraform-providers/terraform-provider-azurerm/blob/1940d84dba45e41b2f1f868a22d7f7af1adea8a0/examples/virtual-machines/virtual_machine/vm-joined-to-active-directory/modules/active-directory/2-virtual-machine.tf +locals { + custom_data_content = file("${path.module}/../../files/winrm.ps1") +} + resource "azurerm_virtual_machine" "exchange" { name = "exchange.windomain.local" location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name - network_interface_ids = [azurerm_network_interface.exchange-nic[count.index].id] + resource_group_name = var.resource_group_name + network_interface_ids = [azurerm_network_interface.exchange-nic.id] vm_size = "Standard_D3_v2" delete_os_disk_on_termination = true @@ -39,7 +44,7 @@ resource "azurerm_virtual_machine" "exchange" { pass = "oobeSystem" component = "Microsoft-Windows-Shell-Setup" setting_name = "FirstLogonCommands" - content = file("${path.module}/files/FirstLogonCommands.xml") + content = file("${path.module}/../../files/FirstLogonCommands.xml") } } @@ -58,21 +63,21 @@ resource "azurerm_virtual_machine" "exchange" { resource "azurerm_network_interface" "exchange-nic" { name = "exchange-nic" location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name + resource_group_name = var.resource_group_name ip_configuration { name = "myNicConfiguration" - subnet_id = azurerm_subnet.detectionlab-subnet.id + subnet_id = var.subnet_id private_ip_address_allocation = "Static" private_ip_address = "192.168.38.106" - public_ip_address_id = azurerm_public_ip.exchange-publicip[count.index].id + public_ip_address_id = azurerm_public_ip.exchange-publicip.id } } resource "azurerm_public_ip" "exchange-publicip" { name = "exchange-public-ip" location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name + resource_group_name = var.resource_group_name allocation_method = "Static" tags = { 
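Review bot: The new `custom_data_content` local reads `${path.module}/../../files/winrm.ps1`, which is outside the module directory, so the module only works at this exact depth in the tree. The FirstLogonCommands.xml path in the next hunk has the same problem. Passing the directory in from the caller keeps the module self-contained: declare `variable "files_dir" { type = string }` in the module and use `file("${var.files_dir}/winrm.ps1")` and `file("${var.files_dir}/FirstLogonCommands.xml")`. These files are run on the guest at first boot, so an explicit input also makes it obvious which copy is used. The `azurerm_virtual_machine` body continues outside the hunk.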
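Review bot: The `exchange-nic` resource in the third hunk keeps a static public IP, but nothing visible in the module shows how inbound traffic to it is filtered; the module receives only `var.subnet_id`. If filtering depends on a network security group associated with that subnet in the root configuration (not shown here), record that next to the `subnet_id` line, e.g. `# inbound filtering comes from the NSG associated with this subnet in the root module`. Otherwise a caller who passes a different subnet exposes the Exchange host without noticing. The `azurerm_public_ip` block runs past the end of the hunk.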
diff --git a/Addons/Exchange/Azure/Terraform/outputs.tf b/Azure/Terraform/modules/exchange/outputs.tf similarity index 100% rename from Addons/Exchange/Azure/Terraform/outputs.tf rename to Azure/Terraform/modules/exchange/outputs.tf diff --git a/Azure/Terraform/modules/exchange/variables.tf b/Azure/Terraform/modules/exchange/variables.tf new file mode 100644 index 0000000..d2ccde2 --- /dev/null +++ b/Azure/Terraform/modules/exchange/variables.tf @@ -0,0 +1,11 @@ +variable "resource_group_name" { + type = string +} + +variable "region" { + type = string +} + +variable "subnet_id" { + type = string +} \ No newline at end of file diff --git a/Azure/build_ansible_inventory.sh b/Azure/build_ansible_inventory.sh index 516cdc6..2eeb6b5 100755 --- a/Azure/build_ansible_inventory.sh +++ b/Azure/build_ansible_inventory.sh @@ -24,6 +24,7 @@ TF_OUTPUT=$(terraform output) DC_IP=$(echo "$TF_OUTPUT" | grep -E -o "dc_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') WEF_IP=$(echo "$TF_OUTPUT" | grep -E -o "wef_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') WIN10_IP=$(echo "$TF_OUTPUT" | grep -E -o "win10_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') +EXCHANGE_IP=$(echo "$TF_OUTPUT" | grep -E -o "exchange_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') # Don't update unless there's default values in inventory.yml GREP_COUNT=$(grep -E -c 'x\.x\.x\.x|y\.y\.y\.y|z\.z\.z\.z' ../Ansible/inventory.yml) @@ -37,5 +38,10 @@ fi echo "Replacing the default values in DetectionLab/Azure/Ansible/inventory.yml..." sed -i.bak "s/x.x.x.x/$DC_IP/g; s/y.y.y.y/$WEF_IP/g; s/z.z.z.z/$WIN10_IP/g" ../Ansible/inventory.yml +if [ ! -e "$EXCHANGE_IP" ]; then + echo "Exchange server found! Adding the IP to the Ansible inventory..." + sed -i.bak "s/# v.v.v.v/$EXCHANGE_IP/g" ../Ansible/inventory.yml +fi + echo "Displaying the updated inventory.yml below!" cat ../Ansible/inventory.yml 
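Review bot: In the second build_ansible_inventory.sh hunk, `[ ! -e "$EXCHANGE_IP" ]` tests whether a file with that name exists, not whether the variable is empty. The branch therefore runs whenever no such file exists, including when no Exchange IP was found; the script then prints "Exchange server found!" and `sed` replaces `# v.v.v.v` with an empty string, leaving a bare `:` entry under `hosts`. The test should be `if [ -n "$EXCHANGE_IP" ]; then`. The second `sed -i.bak` also overwrites the `inventory.yml.bak` written by the first one, so the backup no longer holds the original template; using a different suffix there, e.g. `-i.exchange.bak`, would keep it.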
diff --git a/ESXi/ansible/detectionlab.yml b/ESXi/ansible/detectionlab.yml index d41ffb5..c968c11 100644 --- a/ESXi/ansible/detectionlab.yml +++ b/ESXi/ansible/detectionlab.yml @@ -16,6 +16,12 @@ - common tags: wef +- hosts: exchange + roles: + - exchange + - common + tags: exchange + - hosts: win10 roles: - win10 diff --git a/Addons/Exchange/ESXi/Ansible/roles/exchange/tasks/main.yml b/ESXi/ansible/roles/exchange/tasks/main.yml similarity index 100% rename from Addons/Exchange/ESXi/Ansible/roles/exchange/tasks/main.yml rename to ESXi/ansible/roles/exchange/tasks/main.yml diff --git a/ESXi/exchange.tf b/ESXi/exchange.tf new file mode 100644 index 0000000..50197bc --- /dev/null +++ b/ESXi/exchange.tf @@ -0,0 +1,9 @@ +## Remove the block comment to enable the creation of the Exchange server +/* +module "exchange" { + source = "./modules/exchange" + disk_store = var.esxi_datastore + vm_network = var.vm_network + hostonly_network = var.hostonly_network +} +*/ diff --git a/Addons/Exchange/ESXi/Terraform/versions.tf b/ESXi/modules/exchange/main.tf similarity index 58% rename from Addons/Exchange/ESXi/Terraform/versions.tf rename to ESXi/modules/exchange/main.tf index 7d8294c..bf951b4 100644 --- a/Addons/Exchange/ESXi/Terraform/versions.tf +++ b/ESXi/modules/exchange/main.tf 
@@ -7,3 +7,31 @@ terraform { } } } + +resource "esxi_guest" "exchange" { + guest_name = "exchange" + disk_store = var.disk_store + guestos = "windows9srv-64" + + boot_disk_type = "thin" + + memsize = "8192" + numvcpus = "4" + resource_pool_name = "/" + power = "on" + clone_from_vm = "WindowsServer2016" + # This is the network that bridges your host machine with the ESXi VM + network_interfaces { + virtual_network = var.vm_network + mac_address = "00:50:56:a1:b2:c5" + nic_type = "e1000" + } + # This is the local network that will be used for 192.168.38.x addressing + network_interfaces { + virtual_network = var.hostonly_network + mac_address = "00:50:56:a1:b4:c5" + nic_type = "e1000" + } + guest_startup_timeout = 45 + guest_shutdown_timeout = 30 +} diff --git a/Addons/Exchange/ESXi/Terraform/outputs.tf b/ESXi/modules/exchange/outputs.tf similarity index 100% rename from Addons/Exchange/ESXi/Terraform/outputs.tf rename to ESXi/modules/exchange/outputs.tf diff --git a/ESXi/modules/exchange/variables.tf b/ESXi/modules/exchange/variables.tf new file mode 100644 index 0000000..636b617 --- /dev/null +++ b/ESXi/modules/exchange/variables.tf @@ -0,0 +1,11 @@ +variable "vm_network" { + default = "VM Network" +} + +variable "hostonly_network" { + default = "HostOnly Network" +} + +variable "disk_store" { + type = string +} \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/Vagrantfile b/Vagrant/Exchange/Vagrantfile similarity index 63% rename from Addons/Exchange/Vagrant/Vagrantfile rename to Vagrant/Exchange/Vagrantfile index 4bf5568..7e9c5a5 100644 --- a/Addons/Exchange/Vagrant/Vagrantfile +++ b/Vagrant/Exchange/Vagrantfile 
@@ -8,20 +8,20 @@ cfg.winrm.retry_limit = 20 cfg.vm.network :private_network, ip: "192.168.38.106", gateway: "192.168.38.1", dns: "192.168.38.102" - cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1" - cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1" + cfg.vm.provision "shell", path: "../scripts/provision.ps1", privileged: false cfg.vm.provision "reload" - cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/provision.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/download_palantir_wef.ps1", privileged: false cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false - cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-splunkuf.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-windows_ta.ps1", privileged: false + 
cfg.vm.provision "shell", path: "../scripts/install-utilities.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-redteam.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-choco-extras.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-osquery.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-sysinternals.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-velociraptor.ps1", privileged: false cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false From 844fea65e4cee24dd1cfe14cab5a534eb3ad69d9 Mon Sep 17 00:00:00 2001 From: Chris Long Date: Sat, 8 May 2021 15:33:25 -0700 Subject: [PATCH 4/4] Fix azure provider for module --- Azure/Terraform/modules/exchange/main.tf | 5 +++++ Azure/Terraform/versions.tf | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/Azure/Terraform/modules/exchange/main.tf b/Azure/Terraform/modules/exchange/main.tf index 84d3164..262939a 100644 --- a/Azure/Terraform/modules/exchange/main.tf +++ b/Azure/Terraform/modules/exchange/main.tf @@ -3,6 +3,11 @@ locals { custom_data_content = file("${path.module}/../../files/winrm.ps1") } +provider "azurerm" { + version = "=2.12.0" + features {} +} + resource "azurerm_virtual_machine" "exchange" { name = "exchange.windomain.local" location = var.region diff --git a/Azure/Terraform/versions.tf b/Azure/Terraform/versions.tf index a5cb3d7..2f881fb 100644 --- a/Azure/Terraform/versions.tf +++ b/Azure/Terraform/versions.tf @@ -1,3 +1,9 @@ terraform { required_version = ">= 0.12, < 15.0.0" + required_providers { + azurerm = { + version = "=2.12.0" + } + } } +
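Review bot: The provisioner paths in the Vagrantfile hunk now resolve on the host through `../scripts/`, but this commit also deletes the `scripts` and `resources` symlinks that sat next to this Vagrantfile. The default synced folder is the Vagrantfile's own directory, mounted in the guest as `/vagrant`, so it no longer contains either of them. If any of these scripts calls a sibling script or reads a resource through `c:\vagrant\...` inside the guest (not visible in this hunk), that lookup will now fail. A line such as `cfg.vm.synced_folder "..", "/vagrant"` would keep the old guest layout. The `cfg` block starts and ends outside the hunk.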
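Review bot: The `provider "azurerm"` block added to modules/exchange/main.tf in PATCH 4/4 ties the module's resources to a provider configuration that disappears with the module call. exchange.tf enables the module by removing a block comment, so re-commenting it to remove the Exchange server also removes this provider block, and Terraform then has no configuration left to destroy those resources with. Assuming the root module configures azurerm (not shown here), the module should declare only its version requirement and inherit the root's provider. The same `=2.12.0` pin is already added to Azure/Terraform/versions.tf by this patch, so it would then live in one place per module rather than inside a `provider` block.

```hcl
# replaces the provider "azurerm" { ... } block in modules/exchange/main.tf
terraform {
  required_providers {
    azurerm = {
      version = "=2.12.0"
    }
  }
}
```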